You might think that phone call might be unlikely, but as of this week it's built in and is likely happening right now.

I was poking around in the latest version of Sysinternals, and tripped over a new option. You can now submit any running process in memory directly to Virustotal. it's a simple right-click in the latest version of Process Explorer.

If that's not just the coolest thing! If your AV product isn't triggering on a suspect process, you can now query all the AV engines without even having to find or upload the file - - assuming that a file that matches your process even exists - if you're in the midst of a security incident a suspect process might not have a matching file.

Today Microsoft published the advance notification for this months security bulletins. The bulletins will be published on February 11th (coming Tuesday) [1]. Again, we will have a pretty light patch day, with only 5 bulletins, and only 2 of these bulletins are considered critical.

Noteworthy: No Internet Explorer patches and no Office Patches. We will only see Windows Patches, a patch for .Net and a "Security Software" patch.

Not part of the patch Tuesday, but still happening on the same day: Microsoft will no longer allow MD5 hashes for certificates. This may be difficult for some applications that haven't been changed over yet, even though Microsoft gave ample warning, and MD5 hashes have been shown to be badly broken for certificate signatures for a few years now. Just earlier today I ran into a brand new Axis, pretty expensive, network camera that only allows the use of MD5 hashed certificate signatures.

Facebook marked its 10th year as a company on Tuesday and to celebrate, the social network offered its 1.2 billion users around the world a feature called Look Back movies, made up of photos and activities that users have shared.

Google's agreement to end its three-year antitrust dispute with the European Union gives the company's search rivals a boost, but it's probably not enough to make a dent in Google's search engine dominance

Hurricanes, blizzards, floods, earthquakes, even mundane events like employees' car troubles or family obligations can disrupt your business and put a damper on productivity. Here's how to prepare your business and your personnel for working remotely.

Microsoft's Dynamics ERP and CRM product lines seemed safe immediately following former CEO Steve Ballmer';s sweeping reorganization of the company last year. But now that longtime Microsoft executive Satya Nadella has been named Ballmer's successor, the time is ripe for more focused speculation on the future of Dynamics. Here's a look at what could be in store.

LinuxSecurity.com: Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate [More...]

LinuxSecurity.com: Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. The IDs mentioned above are just a portion of the security issues fixed in this update. A full list of the changes is available at [More...]

LinuxSecurity.com: Pedro Ribeiro from Agile Information Security found a possible remote code execution on Horde3, a web application framework. Unsanitized variables are passed to the unserialize() PHP function. A remote attacker could specially-crafted one of those variables allowing her to load and [More...]

LinuxSecurity.com: An updated Adobe Flash Player package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More...]

LinuxSecurity.com: Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More...]

Microsoft this week set Satya Nadella's annual base salary at $1.2 million, nearly twice his predecessor's but right on the average of CEOs in the tech industry, an executive compensation expert said today.

The Syrian Electronic Army (SEA), a group of hackers that has hijacked other high-profile domain names, managed to change the domain registration information for Facebook.com, but failed to redirect the domain to a different server.

The inspector general of NASA has issued a report that's critical of both Hewlett-Packard and the space agency for messing up a plan to centralize management of the agency's end-user computing under a $2.5 billion outsourcing contract.

Google runs its services from some of the biggest, most sophisticated data centers on the planet, but it wasn't always that way. Some of its top engineers have been reminiscing this week about the early days, when Google operated from a tiny server room down the hall from Altavista, and when Larry Page used to roll up his sleeves and fix its servers with a twist tie.

Google runs its services from some of the biggest, most sophisticated data centers on the planet, but it wasn't always that way. Some of its top engineers have been reminiscing this week about the early days, when Google operated from a tiny server room down the hall from Altavista, and when Larry Page used to roll up his sleeves and fix its servers with a twist tie.

Last week, Target told reporters at The Wall Street Journal and Reuters
that the initial intrusion into its systems was traced back to network
credentials that were stolen from a third party vendor. Sources now tell
KrebsOnSecurity that the vendor in question was a refrigeration, heating
and air conditioning...